function doRegister($data, $form)
{
// Check for existing member emial address
if ($member = DataObject::get_one("Member", "'Email' = '" . Convert::raw2sql($data['Email']) . "'")) {
// Set error message
$form->AddErrorMessage('Email', "Sorry, that email address already exists. Please choose another.", 'bad');
// Set form data from submitted values
Session::set("FormInfo.Form_RegistrationForm.data", $data);
// Return back to form
return Director::redirectBack();
}
// Otherwise create new member and log them in
$Member = new Member();
$form->saveInto($Member);
$Member->write();
$Member->login();
// Find or create the 'user' group
if (!($userGroup = DataObject::get_one('Group', "Code = 'users'"))) {
$userGroup = new Group();
$userGroup->Code = "users";
$userGroup->Title = "Users";
$userGroup->Write();
$userGroup->Members()->add($Member);
}
// Add member to user group
$userGroup->Members()->add($Member);
// Get Profile page
if ($ProfilePage = DataObject::get_one('EditProfilePage')) {
return Director::redirect($ProfilePage->Link('?success=1'));
}
}
function submit($data, $form)
{
// if rewards added and get it button clicked then validate and save to order object
if (isset($data['action_submit']) && isset($data['Quantity'])) {
Session::clear($this->controller->RewardsSessionKey());
foreach ($data['Quantity'] as $ProductID => $quantity) {
$item = $this->controller->newReward($ProductID, $quantity);
Session::set($this->controller->RewardsSessionKey($ProductID), serialize($item));
}
if ($this->controller->RewardsTotalPoints() > Page_Controller::MemberPointsBalance()) {
$this->sessionMessage('You do not have enough points to purchase these rewards.', 'error');
Director::redirectBack();
return;
}
$new_items = $this->controller->RewardItems();
}
//delete all existing reward items for this order
$order_items = $this->controller->Order()->RewardItems();
foreach ($order_items as $o_item) {
$o_item->delete();
}
// then flush rewards from session
Session::clear($this->controller->RewardsSessionKey());
//then link the reward items to the order
if (isset($new_items)) {
foreach ($new_items as $item) {
$item->write();
}
}
// then redirect to next step
Director::redirect($this->controller->Link() . 'checkoutstep/orderconfirmationandpayment/');
}
/**
* Very ugly copy of the same method in ComplexTableField, but need a way to inject the extra data into created
* objects prior to writing them.
*/
function saveComplexTableField($data, $form, $params)
{
$className = $this->sourceClass();
$childData = new $className();
$form->saveInto($childData);
// Populate in the defaults as well.
foreach ($this->defaultValues as $key => $value) {
$childData->{$key} = $value;
}
$childData->write();
// Save the many many relationship if it's available
if (isset($data['ctf']['manyManyRelation'])) {
$parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
$relationName = $data['ctf']['manyManyRelation'];
$componentSet = $parentRecord->getManyManyComponents($relationName);
$componentSet->add($childData);
}
if (isset($data['ctf']['hasManyRelation'])) {
$parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
$relationName = $data['ctf']['hasManyRelation'];
$componentSet = $parentRecord->getComponents($relationName);
$componentSet->add($childData);
}
$referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$closeLink = sprintf('<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>', $referrer, _t('ComplexTableField.CLOSEPOPUP', 'Close Popup'));
$message = sprintf(_t('ComplexTableField.SUCCESSADD', 'Added %s %s %s'), $childData->singular_name(), '<a href="' . $this->Link() . '/item/' . $childData->ID . '/edit">' . $childData->Title . '</a>', $closeLink);
$form->sessionMessage($message, 'good');
Director::redirectBack();
}
function addMember($data, $form)
{
$member = new Member();
$form->saveInto($member);
$member->write();
Director::redirectBack();
}
public function Delete($data, $item)
{
if (!$item->canDelete()) {
$this->httpError(403);
}
$this->parent->{$this->name . 'ID'} = null;
$this->parent->write();
$item->delete();
return Director::is_ajax() ? $this->FieldHolder() : Director::redirectBack();
}
public function removeFromWishList($data, $form)
{
if (($member = Member::currentUser()) && ($wishListItems = $member->WishListItems("PageID = " . $data['PageID'])) && $wishListItems->exists()) {
foreach ($wishListItems as $wishListItem) {
$member->WishListItems()->remove($wishListItem);
}
}
//$page = DataObject::get_by_id("Page", $data['PageID']);
Director::redirectBack("?removed_wishlist=1");
}
protected function fontAction($change)
{
$currentSize = $this->currentFontSize();
$currentSize = floatval($currentSize) + $change;
Session::set("fontsize", $currentSize);
if (Director::is_ajax()) {
return $this->CurrentFontSizeInPercentages($currentSize);
} else {
Director::redirectBack();
}
return array();
}
/**
* Save the changes to the form
*/
function submit($data, $form, $request)
{
$member = Member::currentUser();
if (!$member) {
return false;
}
$form->saveInto($member);
$member->write();
$form->sessionMessage(_t("MemberForm.DETAILSSAVED", 'Your details have been saved'), 'good');
Director::redirectBack();
return true;
}
function activate($data, $form, $request)
{
//Check if there's a temp member with a Verification Code equal to this
//if there is, register the new member and log him in
//if not, tell him the code is wrong
//Check if this member already exists
$tempMember = TempMember::codeExists($data);
if (!$tempMember) {
$form->sessionMessage(_t("Register.REGISTRATION ERROR", "There's no account waiting for activation with this code.\n\t\t\t\t\t\t\t\t\t If you already have an account log in here <a href=\"my-events/\">here</a>"), 'bad');
Director::redirectBack();
return;
}
// Create a new Member object
$member = new Member();
$member->FirstName = $tempMember->FirstName;
$member->Surname = $tempMember->Surname;
$member->Phone = $tempMember->Phone;
$member->Email = $tempMember->Email;
$member->Password = $tempMember->Password;
$member->ReceiveMail = $tempMember->ReceiveMail;
$member->ReceiveMail = $tempMember->ReceiveMail;
$member->RequestListedAsPresenter = $tempMember->RequestListedAsPresenter;
$member->LocationAddress = $tempMember->LocationAddress;
$member->LocationLatitude = $tempMember->LocationLatitude;
$member->LocationLongitude = $tempMember->LocationLongitude;
$member->Description = $tempMember->Description;
// Write to db.
// This needs to happen before we add it to a group
$member->write();
if ($tempMember->RequestListedAsPresenter) {
$presentorApproval = new PresentorApproval();
$presentorApproval->MemberID = $member->ID;
$presentorApproval->MemberName = $tempMember->FirstName . ' ' . $tempMember->Surname;
$presentorApproval->Message = $tempMember->Description;
$presentorApproval->Email = $tempMember->Email;
$presentorApproval->Confirmation = 'Pending';
$presentorApproval->IsDone = false;
$presentorApproval->write();
}
$tempMember->delete();
$member->logIn();
// Add the member to User Group
// Check if it exists first
if ($group = DataObject::get_one('Group', 'ID = 3')) {
$member->Groups()->add($group);
// Redirect based on URL
// TO EDIT
Director::redirect('SuccessVerification');
} else {
$form->sessionMessage(_t("Register.REGISTRATION ERROR", "Your registration wasn't successful please try again"), 'bad');
Director::redirectBack();
}
}
public function doProcess($data, $form, $request)
{
$order = new Order();
$items = $order->Items();
$member = Member::currentUserID() ? Member::currentUser() : new Member();
$paymentClass = isset($data['PaymentMethod']) ? $data['PaymentMethod'] : null;
$payment = class_exists($paymentClass) ? new $paymentClass() : null;
$requirePayment = $order->Subtotal() > 0 ? true : false;
if (!($items && $items->Count() > 0)) {
$form->sessionMessage(_t('OrderForm.NOITEMS', 'Error placing order: You have no items in your cart.'), 'bad');
return Director::redirectBack();
}
if ($requirePayment) {
if (!($payment && $payment instanceof Payment)) {
user_error("OrderForm::doProcess(): '{$paymentClass}' is not a valid payment class!", E_USER_ERROR);
}
}
// Ensure existing members don't get their record hijacked (IMPORTANT!)
if (!$member->checkUniqueFieldValue($data)) {
$uniqueField = Member::get_unique_identifier_field();
$uniqueValue = $data[$uniqueField];
$uniqueError = "Error placing order: The %s \"%d\" is\n\t\t\t\talready taken by another member. If this belongs to you, please\n\t\t\t\tlog in first before placing your order.";
$form->sessionMessage(_t('EcommerceMemberExtension.ALREADYEXISTS', printf($uniqueError, strtolower($uniqueField), $uniqueValue), PR_MEDIUM, 'Let the user know that member already exists (e.g. %s could be "Email", %d could be "joe@somewhere.com)'), 'bad');
return Director::redirectBack();
}
$form->saveInto($member);
if (!$member->Password) {
$member->setField('Password', Member::create_new_password());
}
$member->write();
$form->saveInto($order);
try {
$result = $order->process($member->ID);
} catch (Exception $e) {
$form->sessionMessage(_t('OrderForm.PROCESSERROR', "An error occurred while placing your order: {$e->getMessage()}.<br>\n\t\t\t\t\tPlease contact the website administrator."), 'bad');
// Send an email to site admin with $e->getMessage() error
return Director::redirectBack();
}
if ($requirePayment) {
$form->saveInto($payment);
$payment->write();
$result = $payment->processPayment($data, $form);
if ($result->isSuccess()) {
$order->sendReceipt();
}
// Long payment process. e.g. user goes to external site to pay (PayPal, WorldPay)
if ($result->isProcessing()) {
return $result->getValue();
}
}
Director::redirect($order->Link());
}
/**
* Handles validating the final step and writing the tickets data to the
* registration object.
*/
public function finish($data, $form)
{
parent::finish($data, $form);
$step = $this->getCurrentStep();
$datetime = $this->getController()->getDateTime();
$registration = $this->session->getRegistration();
$ticketsStep = $this->getSavedStepByClass('EventRegisterTicketsStep');
$tickets = $ticketsStep->loadData();
// Check that the requested tickets are still available.
if (!$this->validateTickets($tickets['Tickets'], $form)) {
Session::set("FormInfo.{$form->FormName()}.data", $form->getData());
Director::redirectBack();
return false;
}
// Validate the final step.
if (!$step->validateStep($data, $form)) {
Session::set("FormInfo.{$form->FormName()}.data", $form->getData());
Director::redirectBack();
return false;
}
// Reload the first step fields into a form, then save it into the
// registration object.
$ticketsStep->setForm($form);
$fields = $ticketsStep->getFields();
$form = new Form($this, '', $fields, new FieldSet());
$form->loadDataFrom($tickets);
$form->saveInto($registration);
if ($member = Member::currentUser()) {
$registration->Name = $member->getName();
$registration->Email = $member->Email;
}
$registration->TimeID = $datetime->ID;
$registration->MemberID = Member::currentUserID();
$total = $ticketsStep->getTotal();
$registration->Total->setCurrency($total->getCurrency());
$registration->Total->setAmount($total->getAmount());
foreach ($tickets['Tickets'] as $id => $quantity) {
if ($quantity) {
$registration->Tickets()->add($id, array('Quantity' => $quantity));
}
}
$registration->write();
$this->session->delete();
// If the registrations is already valid, then send a details email.
if ($registration->Status == 'Valid') {
EventRegistrationDetailsEmail::factory($registration)->send();
}
$this->extend('onRegistrationComplete', $registration);
return Director::redirect(Controller::join_links($datetime->Event()->Link(), 'registration', $registration->ID, '?token=' . $registration->Token));
}
/**
* Process payment form and return next step in the payment process.
* Steps taken are:
* 1. create new payment
* 2. save form into payment
* 3. return payment result
*
* @param Order $order - the order that is being paid
* @param Form $form - the form that is being submitted
* @param Array $data - Array of data that is submittted
* @return Boolean - if successful, this method will return TRUE
*/
public static function process_payment_form_and_return_next_step($order, $form, $data)
{
if (!$order) {
$form->sessionMessage(_t('EcommercePayment.NOORDER', 'Order not found.'), 'bad');
Director::redirectBack();
return false;
}
$paidBy = $order->Member();
if (!$paidBy) {
$paidBy = Member::currentUser();
}
$paymentClass = !empty($data['PaymentMethod']) ? $data['PaymentMethod'] : null;
$payment = class_exists($paymentClass) ? new $paymentClass() : null;
if (!($payment && $payment instanceof Payment)) {
$form->sessionMessage(_t('EcommercePayment.NOPAYMENTOPTION', 'No Payment option selected.'), 'bad');
Director::redirectBack();
return false;
}
// Save payment data from form and process payment
$form->saveInto($payment);
$payment->OrderID = $order->ID;
if (is_object($paidBy)) {
$payment->PaidByID = $paidBy->ID;
}
$payment->Amount = $order->TotalOutstandingAsMoneyObject();
$payment->write();
// Process payment, get the result back
$result = $payment->processPayment($data, $form);
if (!$result instanceof Payment_Result) {
return false;
} else {
if ($result->isProcessing()) {
//IMPORTANT!!!
// isProcessing(): Long payment process redirected to another website (PayPal, Worldpay)
//redirection is taken care of by payment processor
return $result->getValue();
} else {
//payment is done, redirect to either returntolink
//OR to the link of the order ....
if (isset($data["returntolink"])) {
Director::redirect($data["returntolink"]);
} else {
Director::redirect($order->Link());
}
}
return true;
}
}
function submit($data, $form)
{
if ($order = ShoppingCart::singleton()->current()) {
$package = $order->createShippingPackage();
$address = new Address();
$form->saveInto($address);
$estimator = new ShippingEstimator($package, $address);
$estimates = $estimator->getEstimates();
Session::set("ShippingEstimates", $estimates);
if (Director::is_ajax()) {
return json_encode($estimates->toArray());
//TODO: replace with an AJAXResponse class that can output to different formats
}
}
Director::redirectBack();
}
function handleAction($request)
{
// This method can't be called without ajax.
if (!Director::is_ajax()) {
Director::redirectBack();
return;
}
// Protect against CSRF on destructive action
if (!SecurityToken::inst()->checkRequest($request)) {
return $this->httpError(400);
}
$actions = Object::get_static($this->class, 'batch_actions');
$actionClass = $actions[$request->param('BatchAction')];
$actionHandler = new $actionClass();
// Sanitise ID list and query the database for apges
$ids = split(' *, *', trim($request->requestVar('csvIDs')));
foreach ($ids as $k => $v) {
if (!is_numeric($v)) {
unset($ids[$k]);
}
}
if ($ids) {
$pages = DataObject::get('SiteTree', "\"SiteTree\".\"ID\" IN (" . implode(", ", $ids) . ")");
// If we didn't query all the pages, then find the rest on the live site
if (!$pages || $pages->Count() < sizeof($ids)) {
foreach ($ids as $id) {
$idsFromLive[$id] = true;
}
if ($pages) {
foreach ($pages as $page) {
unset($idsFromLive[$page->ID]);
}
}
$idsFromLive = array_keys($idsFromLive);
// Debug::message("\"SiteTree\".\"ID\" IN (" . implode(", ", $idsFromLive) . ")");
$livePages = Versioned::get_by_stage('SiteTree', 'Live', "\"SiteTree\".\"ID\" IN (" . implode(", ", $idsFromLive) . ")");
if ($pages) {
$pages->merge($livePages);
} else {
$pages = $livePages;
}
}
} else {
$pages = new DataObjectSet();
}
return $actionHandler->run($pages);
}
/**
* @param $data
* @param $form
* @return SS_HTTPResponse
*/
function SaveProfile($data, $form)
{
// Check for a logged in member
if ($CurrentMember = Member::currentUser()) {
// Check for another member with the same email address
if ($member = DataObject::get_one("Member", "Email = '" . Convert::raw2sql($data['Email']) . "' AND ID != " . $CurrentMember->ID)) {
$form->addErrorMessage("Name", 'Sorry, that name already exists.', "bad");
Session::set("FormInfo.Form_EditProfileForm.data", $data);
return Director::redirectBack();
} else {
$form->saveInto($CurrentMember);
$CurrentMember->write();
return $this->redirect($this->Link('?saved=1'));
}
} else {
return Security::PermissionFailure($this->controller, 'you must be logged in to edit your profile');
}
}
/**
* Change the password
*
* @param array $data The user submitted data
*/
function doChangePassword(array $data)
{
if ($member = Member::currentUser()) {
// The user was logged in, check the current password
if (isset($data['OldPassword']) && $member->checkPassword($data['OldPassword']) == false) {
$this->clearMessage();
$this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
Director::redirectBack();
return;
}
}
if (!$member) {
if (Session::get('AutoLoginHash')) {
$member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
}
// The user is not logged in and no valid auto login hash is available
if (!$member) {
Session::clear('AutoLoginHash');
Director::redirect('loginpage');
return;
}
}
// Check the new password
if ($data['NewPassword1'] == $data['NewPassword2']) {
$isValid = $member->changePassword($data['NewPassword1']);
if ($isValid->valid()) {
$this->clearMessage();
$this->sessionMessage(_t('Member.PASSWORDCHANGED', "Your password has been changed, and a copy emailed to you."), "good");
Session::clear('AutoLoginHash');
$redirectURL = HTTP::setGetVar('BackURL', urlencode(Director::absoluteBaseURL()), Security::Link('login'));
Director::redirect($redirectURL);
} else {
$this->clearMessage();
$this->sessionMessage(nl2br("We couldn't accept that password:\n" . $isValid->starredList()), "bad");
Director::redirectBack();
}
} else {
$this->clearMessage();
$this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "Your have entered your new password differently, try again"), "bad");
Director::redirectBack();
}
}
function doImport($data, $form)
{
$loader = new GroupCsvBulkLoader();
// load file
$result = $loader->load($data['CsvFile']['tmp_name']);
// result message
$msgArr = array();
if ($result->CreatedCount()) {
$msgArr[] = sprintf(_t('GroupImportForm.ResultCreated', 'Created %d groups'), $result->CreatedCount());
}
if ($result->UpdatedCount()) {
$msgArr[] = sprintf(_t('GroupImportForm.ResultUpdated', 'Updated %d groups'), $result->UpdatedCount());
}
if ($result->DeletedCount()) {
$msgArr[] = sprintf(_t('GroupImportForm.ResultDeleted', 'Deleted %d groups'), $result->DeletedCount());
}
$msg = $msgArr ? implode(',', $msgArr) : _t('MemberImportForm.ResultNone', 'No changes');
$this->sessionMessage($msg, 'good');
Director::redirectBack();
}
protected function processInvites($data, $form, $request)
{
//Decide who to send this message to
$cleanupid = $_REQUEST['CleanupID'];
if (!$cleanupid) {
Director::redirect('my-events/Error/');
}
$cleanup = DataObject::get_one('CleanUpGroup', "CleanUpGroup.ID = '{$cleanupid}'");
$creator = Member::currentUser();
$creatorid = Member::currentUserID();
//CASE: Send Email to Recipients list!
$emailmsg = EventEmail::save_current_msg();
$form->saveInto($emailmsg);
$emailmsg->MemberID = $creatorid;
$emailmsg->SenderEmail = $_REQUEST['Email'];
$emailmsg->Recipients = $_REQUEST['Recipients'];
$emailmsg->CleanUpGroupID = $cleanupid;
$emailmsg->write();
$emailmsg->invitePeeps();
Director::redirectBack();
//PROCESS ENDS
}
/**
* Get all content as a javascript-compatible string (only if there is an Ajax-Request present).
* Falls back to {non_ajax_content}, {redirect_url} or Director::redirectBack() (in this order).
*
* @return string
*/
static function respond()
{
// we don't want non-ajax calls to receive javascript
if (isset($_REQUEST['forcehtml'])) {
return self::$non_ajax_content;
} else {
if (isset($_REQUEST['forceajax']) || Director::is_ajax()) {
ContentNegotiator::disable();
// TODO figure out a way to stay backwards-compatible with Ajax.Evaluator and still use the automatic evaluating of Prototype
//header("Content-type: text/javascript");
return self::get_javascript();
} elseif (!empty(self::$non_ajax_content)) {
return self::$non_ajax_content;
} elseif (!empty(self::$redirect_url)) {
Director::redirect(self::$redirect_url);
return null;
} else {
Director::redirectBack();
return null;
}
}
}
/**
* Save the cleanup and redirect
*/
function uploadimages($data, $form)
{
//Check there is a member! IF not return false
$member = Member::currentUser();
if (!$member) {
$form->sessionMessage(_t("Create.CLEANUPCREATTIONERROR", "You Need to be logged in to Edit An Event"), 'bad');
Director::redirectBack();
} else {
//$fri = (!empty($_REQUEST['Friday'])) ? $_REQUEST['Friday'] : null;
//CLEANUP EVENT WE ARE ADDING IMAGES FO
$cleanupID = !empty($_REQUEST['CleanUpID']) ? $_REQUEST['CleanUpID'] : null;
$cleanupgroup = DataObject::get_one('CleanUpGroup', "CleanUpGroup.ID = '{$cleanupID}'");
if (!$cleanupgroup) {
$form->sessionMessage(_t("Create.CLEANUPIMAGEUPLOADERROR", "You Need to have a Clean Up Event to add images "), 'bad');
Director::redirectBack();
} else {
$form->saveInto($cleanupgroup);
$cleanupgroup->write();
Director::redirect($cleanupgroup->Link());
}
}
}
/**
* Get all content as a javascript-compatible string (only if there is an Ajax-Request present).
* Falls back to {non_ajax_content}, {redirect_url} or Director::redirectBack() (in this order).
*
* @return string
*/
static function respond()
{
// we don't want non-ajax calls to receive javascript
if (isset($_REQUEST['forcehtml'])) {
return self::$non_ajax_content;
} else {
if (isset($_REQUEST['forceajax']) || Director::is_ajax()) {
$response = Controller::curr()->getResponse();
$response->addHeader('Content-Type', 'text/javascript');
return self::get_javascript();
} elseif (!empty(self::$non_ajax_content)) {
return self::$non_ajax_content;
} elseif (!empty(self::$redirect_url)) {
Director::redirect(self::$redirect_url);
return null;
} elseif (!Director::redirected_to()) {
Director::redirectBack();
return null;
} else {
return null;
}
}
}
function saveComplexTableField($data, $form, $params)
{
$className = $this->sourceClass();
$childData = new $className();
$form->saveInto($childData);
try {
$childData->write();
} catch (ValidationException $e) {
$form->sessionMessage($e->getResult()->message(), 'bad');
return Director::redirectBack();
}
// Save the many many relationship if it's available
if (isset($data['ctf']['manyManyRelation'])) {
$parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
$relationName = $data['ctf']['manyManyRelation'];
$componentSet = $parentRecord ? $parentRecord->getManyManyComponents($relationName) : null;
if ($componentSet) {
$componentSet->add($childData);
}
}
if (isset($data['ctf']['hasManyRelation'])) {
$parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
$relationName = $data['ctf']['hasManyRelation'];
$componentSet = $parentRecord ? $parentRecord->getComponents($relationName) : null;
if ($componentSet) {
$componentSet->add($childData);
}
}
$referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$closeLink = sprintf('<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>', $referrer, _t('ComplexTableField.CLOSEPOPUP', 'Close Popup'));
$editLink = Controller::join_links($this->Link(), 'item/' . $childData->ID . '/edit');
$message = sprintf(_t('ComplexTableField.SUCCESSADD', 'Added %s %s %s'), $childData->singular_name(), '<a href="' . $editLink . '">' . $childData->Title . '</a>', $closeLink);
$form->sessionMessage($message, 'good');
// **PATCH
//Director::redirectBack();
Director::redirect($editLink);
}
/**
* Change the password
*
* @param array $data The user submitted data
*/
function doChangePassword(array $data)
{
if ($member = Member::currentUser()) {
// The user was logged in, check the current password
if ($member->checkPassword($data['OldPassword']) == false) {
$this->clearMessage();
$this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
Director::redirectBack();
}
}
if (!$member) {
if (Session::get('AutoLoginHash')) {
$member = Member::autoLoginHash(Session::get('AutoLoginHash'));
}
// The user is not logged in and no valid auto login hash is available
if (!$member) {
Session::clear('AutoLoginHash');
Director::redirect('loginpage');
}
}
// Check the new password
if ($data['NewPassword1'] == $data['NewPassword2']) {
$member->Password = $data['NewPassword1'];
$member->AutoLoginHash = null;
$member->write();
$member->sendinfo('changePassword', array('CleartextPassword' => $data['NewPassword1']));
$this->clearMessage();
$this->sessionMessage(_t('Member.PASSWORDCHANGED', "Your password has been changed, and a copy emailed to you."), "good");
Session::clear('AutoLoginHash');
Director::redirect(Security::Link('login'));
} else {
$this->clearMessage();
$this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "Your have entered your new password differently, try again"), "bad");
Director::redirectBack();
}
}
function dosave($data, $form)
{
// don't allow ommitting or changing the ID
if (!isset($data['ID']) || $data['ID'] != Member::currentUserID()) {
return Director::redirectBack();
}
$SQL_data = Convert::raw2sql($data);
$member = DataObject::get_by_id("Member", $SQL_data['ID']);
if ($SQL_data['Locale'] != $member->Locale) {
$form->addErrorMessage("Generic", _t('Member.REFRESHLANG'), "good");
}
$form->saveInto($member);
$member->write();
$closeLink = sprintf('<small><a href="' . $_SERVER['HTTP_REFERER'] . '" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>', _t('ComplexTableField.CLOSEPOPUP', 'Close Popup'));
$message = _t('Member.PROFILESAVESUCCESS', 'Successfully saved.') . ' ' . $closeLink;
$form->sessionMessage($message, 'good');
Director::redirectBack();
}
/**
* Delete the current record
*/
public function doDelete($data, $form, $request)
{
if ($this->currentRecord->canDelete(Member::currentUser())) {
$this->currentRecord->delete();
Director::redirect($this->parentController->Link('SearchForm?action=search'));
} else {
Director::redirectBack();
}
return;
}
/**
* Removes all of a specific item AND return back
*@return Mixed - if the request is AJAX, it returns JSON - CartResponse::ReturnCartData(); If it is not AJAX it redirects back to requesting page.
*/
public function removeallitemandedit($request)
{
$buyable = $this->buyable();
if ($buyable) {
$link = $buyable->Link();
$this->cart->deleteBuyable($buyable, $this->parameters());
Director::redirect($link);
} else {
Director::redirectBack();
}
}
public function removefile($request)
{
// Protect against CSRF on destructive action
if (!SecurityToken::inst()->checkRequest($request)) {
return $this->httpError(400);
}
if ($fileID = $this->urlParams['ID']) {
$file = DataObject::get_by_id('File', $fileID);
if (!$file) {
return $this->httpError(400);
}
// Delete the temp verions of this file in assets/_resampled
if ($file instanceof Image) {
$file->deleteFormattedImages();
}
$file->delete();
$file->destroy();
if (Director::is_ajax()) {
$js = <<<JS
\t\t\t\t\$('Form_EditForm_Files').removeFile({$fileID});
\t\t\t\tstatusMessage('removed file', 'good');
JS;
FormResponse::add($js);
return FormResponse::respond();
} else {
Director::redirectBack();
}
} else {
user_error("AssetAdmin::removefile: Bad parameters: File={$fileID}", E_USER_ERROR);
}
}
/**
* Use the URL-Parameter "action_saveComplexTableField"
* to provide a clue to the main controller if the main form has to be rendered,
* even if there is no action relevant for the main controller (to provide the instance of ComplexTableField
* which in turn saves the record.
*
* This is for editing existing item records. {@link ComplexTableField::saveComplexTableField()}
*
* @see Form::ReferencedField
*/
function saveComplexTableField($data, $form, $request)
{
$dataObject = $this->dataObj();
try {
$form->saveInto($dataObject);
$dataObject->write();
//Loop through options and save those for this variation
$parentRecord = $dataObject;
$relationName = 'Options';
$componentSet = $parentRecord->getManyManyComponents($relationName);
if ($componentSet) {
foreach ($componentSet as $component) {
$componentSet->remove($component);
}
if (isset($data['Options']) && is_array($data['Options'])) {
foreach ($data['Options'] as $attributeID => $optionID) {
$option = DataObject::get_by_id('Option', $optionID);
$componentSet->add($option);
}
}
}
} catch (ValidationException $e) {
$form->sessionMessage($e->getResult()->message(), 'bad');
return Director::redirectBack();
}
// Save the many many relationship if it's available
if (isset($data['ctf']['manyManyRelation'])) {
$parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
$relationName = $data['ctf']['manyManyRelation'];
$componentSet = $parentRecord->getManyManyComponents($relationName);
$componentSet->add($dataObject);
}
$referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$closeLink = sprintf('<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>', $referrer, _t('ComplexTableField.CLOSEPOPUP', 'Close Popup'));
$message = sprintf(_t('ComplexTableField.SUCCESSEDIT', 'Saved %s %s %s'), $dataObject->singular_name(), '<a href="' . $this->Link() . '">"' . htmlspecialchars($dataObject->Title, ENT_QUOTES) . '"</a>', $closeLink);
$form->sessionMessage($message, 'good');
Director::redirectBack();
}
/**
* Log the currently logged in user out
*
* @param bool $redirect Redirect the user back to where they came.
* - If it's false, the code calling logout() is
* responsible for sending the user where-ever
* they should go.
*/
public function logout($redirect = true)
{
if ($member = Member::currentUser()) {
$member->logOut();
}
if ($redirect) {
Director::redirectBack();
}
}
/**
* Login form handler method
*
* This method is called when the user clicks on "Log in"
*
* @param array $data Submitted data
*/
public function dologin($data)
{
if ($this->performLogin($data)) {
Session::clear('SessionForms.MemberLoginForm.Email');
Session::clear('SessionForms.MemberLoginForm.Remember');
if (Member::currentUser()->isPasswordExpired()) {
if (isset($_REQUEST['BackURL']) && ($backURL = $_REQUEST['BackURL'])) {
Session::set('BackURL', $backURL);
}
$cp = new ChangePasswordForm($this->controller, 'ChangePasswordForm');
$cp->sessionMessage('Your password has expired. Please choose a new one.', 'good');
Director::redirect('Security/changepassword');
} elseif (isset($_REQUEST['BackURL']) && $_REQUEST['BackURL'] && Director::is_site_url($_REQUEST['BackURL'])) {
Director::redirect($_REQUEST['BackURL']);
} elseif (Security::default_login_dest()) {
Director::redirect(Director::absoluteBaseURL() . Security::default_login_dest());
} else {
$member = Member::currentUser();
if ($member) {
$firstname = Convert::raw2xml($member->FirstName);
if (!empty($data['Remember'])) {
Session::set('SessionForms.MemberLoginForm.Remember', '1');
$member->logIn(true);
} else {
$member->logIn();
}
Session::set('Security.Message.message', sprintf(_t('Member.WELCOMEBACK', "Welcome Back, %s"), $firstname));
Session::set("Security.Message.type", "good");
}
Director::redirectBack();
}
} else {
Session::set('SessionForms.MemberLoginForm.Email', $data['Email']);
Session::set('SessionForms.MemberLoginForm.Remember', isset($data['Remember']));
if (isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = null;
}
if ($backURL) {
Session::set('BackURL', $backURL);
}
if ($badLoginURL = Session::get("BadLoginURL")) {
Director::redirect($badLoginURL);
} else {
// Show the right tab on failed login
$loginLink = Director::absoluteURL(Security::Link("login"));
if ($backURL) {
$loginLink .= '?BackURL=' . urlencode($backURL);
}
Director::redirect($loginLink . '#' . $this->FormName() . '_tab');
}
}
}
